Prior art data storage devices such as disk drives have drive control systems including means for accepting commands from a host computer including commands related to self-testing, calibration and power management. Each drive has programming code (microcode) in nonvolatile memory for execution by a controller, which is a special purpose processor, to enable it to perform essential functions. The microcode can be updated through the drive's communication interface as described, for example, in U.S. Pat. No. 5,659,801 to Kopsaftis. Various standard communication interfaces with both hardware components and command protocols are commonly used such as IDE, SCSI, Serial ATA, and Fibre Channel Arbitrated Loop (FC-AL).
Commercially available disk drives cannot perform any operation on the data other than those directly related to its storage, for example, performing error correction computations. There have been some suggestions for enhancing disk drives (HDD) by adding an application-specific component for receiving and executing application-specific instructions. Published US patent application 20030227703 by F. D. Hinshaw, describes application-specific components which can perform application-specific tasks, such as database operations, using data on the HDDs and return results to a local host or even a remote host via a network. Examples of the application-specific component include a circuit board or an integrated circuit such as an Application Specific Integrated Circuit (ASIC), Field Programmable Gate Array (FPGA), Central Processing Unit (CPU), or Digital Signal Processor (DSP). The additional component is capable of receiving application-specific instructions via a standard network connection and executing these application-specific instructions on the data contained on the disks. The application-specific component may be in the form of an add-on board which couples to the controller circuit or, alternatively, in the form of an application-specific chip which mates with a socket provided on the controller circuit.
In US patent application 20020162075 by Talagala, et al. a storage system is described which includes a storage array controller and a storage array. The storage array controller issues scrubbing operation commands to one or more of the disk drive controllers. In response, each disk drive controller that receives a scrubbing operation command reads data from within a data range from at least one of the disk drives, calculates a new checksum for the data, and compares the new checksum to a preexisting checksum for the data. If the new checksum doesn't equal the preexisting checksum, the data within the data range is determined to be erroneous.
The task of searching for and protecting against harmful computer code such as computer viruses, worms, Trojan horses, etc. is typically executed by a computer using an application program and a definition file which contains the so-called signatures of known harmful computer codes. The definition file is designed to be updated regularly from the Internet, so that recently identified codes can be found without having to update the application program itself. One example of a system for updating a virus signature database in a mobile wireless device is described in US patent application 20040083384 by Ari Hypponen. The anti-virus application and virus signature database are resident in the memory of the device. Management messages containing for example new virus signatures are sent from the network to the device. In accordance with instructions contained in the management messages, individual signature entries of the virus signature database are deleted or replaced, and new signatures added.
In US patent application 20030033536 by Pak, et al. a method for programmable scanning for malicious content on a wireless client device is described. The system uses a signature file for uniquely identifying a computer virus and a virus detection section comprising object code providing operations to detect the identified computer virus on the thin client device. The signature file is also installed on the thin client device. In one embodiment, the instruction set is capable of implementing the functionality of a Discrete Finite Automation (DFA) in a programmable assembly-like computing language which allows detection of multiple viruses at the same time without having to scan for them individually. In such an embodiment, the machine begins with a pointer into the input stream and a start state. Based on what byte is found at the pointer, the machine moves to a specified state. For each transition, the pointer is moved forward to the next byte. The machine ends with a stop state that identifies which infection was identified or none. The DFA's for several types of malicious code can be combined into a single DFA that scans for all such types of malicious code at the same time.